using System;
using System.Collections.Generic;
using System.Text;
using System.Data;
using System.Windows.Forms;

namespace QLHXNK.DataAccess
{
	class UserData
	{
		#region New/Delete/Modify

		// Add
		public static int NewUser(String userName, String password)
		{
			try
			{
				String sqlString = "insert into [User](Username, [Password]) values('"
									+ userName.Replace("'", "''") + "',"
									+ "'" + password.Replace("'", "''") + "') ";
				ConnectionData connectionData = new ConnectionData();
				if (connectionData.Command(sqlString) != 0)
				{
					return Int32.Parse(GetUsers(userName,"").Rows[0]["ID"].ToString());
				}
				else
				{
					return 0;
				}
			}
			catch 
			{
				return 0;
			}
		}

		// Remove
		public static int DeleteUser(int userID)
		{
			try
			{
				String sqlString = "delete from [User] where ID = " + userID + "";
				ConnectionData connectionData = new ConnectionData();

				return connectionData.Command(sqlString);
			}
			catch 
			{
				return 0;
			}
		}

		// Modify
		public static int UpdateUser(int userID, String userName, String password)
		{
			try
			{
				String sqlString = "update [User] set Username = '" + userName.Replace("'", "''") + "', " +
									"[Password] = '" + password.Replace("'", "''") +
                                    "'	where ID = " + userID + "";
				ConnectionData connectionData = new ConnectionData();
				return connectionData.Command(sqlString);
			}
			catch 
			{
				return 0;
			}
		}

		#endregion

		#region Get Users Info

		public static DataTable GetUsers(String userName, String password)
		{
			try
			{
                string queryCondition = "";
                if (userName != "")
                    queryCondition += " Username = '" + userName.Replace("'", "''") + "'";
                if (password != "")
                    queryCondition += " and [Password] = '" + password.Replace("'", "''") + "' ";
				String sqlString = "select * from [User] ";
                if (queryCondition != "")
                    sqlString += " where " + queryCondition;
				ConnectionData connectionData = new ConnectionData();
				return connectionData.List(sqlString);
			}
			catch 
			{
				
				return null;
			}
		}

		#endregion
	}
}
